CN117155993B - Online state computing method, equipment and medium - Google Patents
Online state computing method, equipment and medium Download PDFInfo
- Publication number
- CN117155993B CN117155993B CN202311410204.8A CN202311410204A CN117155993B CN 117155993 B CN117155993 B CN 117155993B CN 202311410204 A CN202311410204 A CN 202311410204A CN 117155993 B CN117155993 B CN 117155993B
- Authority
- CN
- China
- Prior art keywords
- session
- server
- user
- request
- account
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000004364 calculation method Methods 0.000 title claims abstract description 30
- 238000000034 method Methods 0.000 claims abstract description 30
- 238000004422 calculation algorithm Methods 0.000 claims abstract description 18
- 238000004590 computer program Methods 0.000 claims description 12
- 235000014510 cooky Nutrition 0.000 claims description 7
- 230000002035 prolonged effect Effects 0.000 claims description 4
- 238000001514 detection method Methods 0.000 abstract description 8
- 230000007547 defect Effects 0.000 abstract 1
- 230000007246 mechanism Effects 0.000 description 12
- 230000008569 process Effects 0.000 description 5
- 230000006870 function Effects 0.000 description 3
- 230000009286 beneficial effect Effects 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 238000012423 maintenance Methods 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- 230000001360 synchronised effect Effects 0.000 description 2
- 238000012795 verification Methods 0.000 description 2
- 238000012217 deletion Methods 0.000 description 1
- 230000037430 deletion Effects 0.000 description 1
- 230000009977 dual effect Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/54—Presence management, e.g. monitoring or registration for receipt of user log-on information, or the connection status of the users
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
- H04L43/0805—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/14—Session management
- H04L67/146—Markers for unambiguous identification of a particular session, e.g. session cookie or URL-encoding
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/40—Network security protocols
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Environmental & Geological Engineering (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Power Engineering (AREA)
- Computer And Data Communications (AREA)
Abstract
The invention belongs to the technical field of computers, and discloses an online state computing method, equipment and a medium, wherein the method comprises the following steps: the client sends a login request of a user to the server; the login request comprises an account number and a password; the server judges whether the account number and the password are matched; if so, the server creates a session for the user and generates a unique session ID by adopting an encryption algorithm, the session ID is stored in the server, and the session ID is sent to the client for storage; after the account is successfully logged in, based on the account, the client sends the request and the sessionID to the server together when the client sends the request to the server each time; after receiving the request, the server inquires corresponding session information according to the session ID; the server judges whether the session is expired according to the session information; if the user is out of date, judging that the user is offline; if not, the user is determined to be still online. The invention avoids the defect of the heartbeat detection method in calculating the online state, and can calculate the online state more accurately and efficiently.
Description
Technical Field
The present disclosure relates to the field of computer technologies, and in particular, to a method, an apparatus, and a medium for online status calculation.
Background
In today's Web applications, the computation of user presence is critical to providing a personalized, real-time user experience. Presence calculation refers to the process of determining whether a user is currently still online. Conventional presence computation methods typically use a heartbeat mechanism, i.e., periodically sending heartbeat requests to confirm the presence of the user. However, this method has some problems such as increasing server load and network traffic, misjudging the presence of the user, and the like. Therefore, how to solve these problems and provide a more accurate and efficient online state calculation method is a technical problem to be solved.
Disclosure of Invention
The invention mainly aims to provide a method, equipment and medium for calculating the online state, which aim to solve the technical problems of the existing online state calculation method and provide a more accurate and efficient online state calculation method.
In order to achieve the above object, a first aspect of the present invention provides a method for calculating online status, the method comprising:
the client sends a login request of a user to the server; wherein, the login request comprises an account number and a password;
the server receives the account number and the password and judges whether the account number and the password are matched or not;
if the user is matched with the client, the login is successful, the server creates a session for the user and generates a unique session ID by adopting an encryption algorithm, the session ID is stored in session storage of the server, and the session ID is sent to the client for storage;
after the account number is successfully logged in, based on the account number, the client sends a request to the server each time, and the client sends the request and the sessionID to the server together;
after receiving the request, the server inquires corresponding session information according to the session ID;
the server judges whether the session is expired according to the session information;
if the user is out of date, judging that the user is offline;
if not, the user is determined to be still online.
Further, the step of generating a unique sessionID by using an encryption algorithm includes:
generating a random seed value by adopting a random number generator;
and transmitting the seed value, the account number and the time stamp as input to an encryption algorithm for hash operation to generate a unique sessionID.
Further, the session information includes an expiration time of the session, and the step of the server judging whether the session is expired according to the session information includes:
when the server receives the request, acquiring the current time and the expiration time of session;
the server compares the current time with the expiration time of the session;
if the current time is later than or equal to the expiration time of the session, judging that the session is expired;
and if the current time is earlier than the expiration time of the session, judging that the session is not expired.
Further, after the step of determining that the session is not expired, the method further includes:
the server acquires the validity period extension time of the session;
and the server updates the expiration time of the session by using the validity extension time of the session.
Further, the step of obtaining the validity period extension time of the session by the server includes:
the server acquires an account number carried in the login request;
the server searches the level of the account in a database; the database is pre-stored with the levels of all accounts;
the server determines the validity period extension time of the session corresponding to the account according to the corresponding relation between the account level and the validity period extension time of the session; the higher the account number level is, the shorter the session validity period is prolonged.
Further, after the step of creating a session for the user and generating a unique session id by using an encryption algorithm, the server further includes:
the server monitors whether the account is logged out or not or whether the client initiates a request based on the account for a long time;
if the account is detected to be logged off or the client does not initiate a request based on the account for a long time, the server destroys the session and determines that the user is offline.
Further, the step of destroying the session includes:
deleting the session or marking the session as destroyed.
Further, the sessionID is transmitted to the server through any one or more modes of HTTP request header, cookie and URL parameter.
In a third aspect, an embodiment of the present application provides a computer device, including a memory and a processor, where the memory stores a computer program, and the processor executes the computer program to implement the steps of the line state calculation method described in any one of the foregoing steps.
In a fourth aspect, embodiments of the present application provide a computer-readable storage medium, on which a computer program is stored, which when executed by a processor, implements the steps of a line-like calculation method as described in any one of the above.
Advantageous effects
Compared with the traditional heartbeat detection method, the embodiment of the application has the following beneficial effects:
1. the traditional heartbeat detection method needs to send heartbeat requests periodically to judge the online state of the user, which increases the load and network flow of the server. The server only needs to verify the validity of the session when receiving the request, and no additional heartbeat request is needed, so that the processing capacity of the server is improved, and the resource consumption of the system is reduced.
2. When a user initiates a request, the server searches corresponding session information according to the session ID, judges whether the session is expired, and considers that the user is offline if the session is expired; if the session has not expired, the user is considered to be still online. Compared with the traditional heartbeat detection mode, the session-based online state calculation method is more accurate, and the online state of the user can be reflected more timely.
3. The session mechanism is a lightweight state management mechanism that does not require maintenance of a large amount of online state information. The server only needs to search the corresponding session information according to the session ID, and then judges whether the session is expired. The efficient session management mode can perform efficient online state calculation under the conditions of large-scale users and high concurrency requests. Meanwhile, the session-based online state computing method can support high availability and expandability by using distributed session storage, and meets the expansion requirement of a system.
4. The session-based online state computing method can flexibly manage sessions. Different session expiration times can be set according to service requirements to meet different requirements. For example, a shorter session expiration time may be set to achieve more accurate presence determinations, or a longer session expiration time may be set to reduce the frequency of session verification. Meanwhile, the session mechanism can also support other functions, such as user authentication, rights management and the like.
5. The encryption algorithm is adopted to generate the unique sessionID, so that the randomness and unpredictability of the generated sessionID can be ensured, and the security of the sessionID is increased, thereby ensuring the security of a session mechanism and improving the accuracy and reliability of online state calculation.
In summary, the online state calculating method based on the session mechanism can provide a more accurate, efficient and extensible online state management scheme. By reducing server load and network traffic, more accurately judging the online state of a user, efficient and extensible session management and flexible session management, better user experience can be provided, and the performance and usability of the system are improved.
Drawings
FIG. 1 is a flow chart of a method for calculating online status according to an embodiment of the present disclosure;
fig. 2 is a schematic structural diagram of a computer device according to an embodiment of the present application.
The achievement of the objects, functional features and advantages of the present invention will be further described with reference to the accompanying drawings, in conjunction with the embodiments.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application will be further described in detail with reference to the accompanying drawings and examples. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the present application.
As used herein, the singular forms "a", "an", "the" and "the" are intended to include the plural forms as well, unless expressly stated otherwise, as understood by those skilled in the art. It will be further understood that the terms "comprises" and/or "comprising," when used in this specification, specify the presence of stated features, integers, steps, operations, elements, modules, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, modules, components, and/or groups thereof. It will be understood that when an element is referred to as being "connected" or "coupled" to another element, it can be directly connected or coupled to the other element or intervening elements may also be present. Further, "connected" or "coupled" as used herein may include wirelessly connected or wirelessly coupled. The term "and/or" as used herein includes all or any module and all combination of one or more of the associated listed items.
It will be understood by those skilled in the art that all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs unless defined otherwise. It will be further understood that terms, such as those defined in commonly used dictionaries, should be interpreted as having a meaning that is consistent with their meaning in the context of the prior art and will not be interpreted in an idealized or overly formal sense unless expressly so defined herein.
Referring to fig. 1, an embodiment of the present invention provides a method for calculating an online status, including:
s1, a client sends a login request to a server; the login request comprises an account number and a password.
In step S1, specifically, the user performs an operation on the client, opens a login page or enters a login interface through an application. After a user inputs an account number and a password on a login page or a login interface and clicks a login button, the client sends a login request to the server, wherein the login request carries the account number and the password input by the user, namely the client sends the account number and the password to the server.
S2, the server receives the account number and the password and judges whether the account number and the password are matched or not.
In step S2, the account is typically used for authentication, verifying the identity of the user to determine whether he has access to a specific resource or to perform a specific operation, and by logging in the account, the system can identify the user and confirm his rights to ensure that only legally authorized users perform the relevant operation. The embodiment of the invention can verify whether the user can have the function of accessing the designated resource in the server by judging whether the account number and the password are matched. Specifically, a large number of accounts and passwords corresponding to the accounts are prestored in a database of the server, when the server receives the accounts and the passwords carried by the login request, the server searches the database for the accounts identical to the login request, if the accounts are not searched, the server judges that the accounts are not registered, returns prompt information of the unregistered accounts to the client, if the accounts are searched, the passwords corresponding to the accounts are obtained in the database, the passwords are compared with the passwords carried by the login request, if the passwords are identical, the account and the passwords carried by the login request are judged to be matched, prompt information of successful login is returned to the client, if the passwords are different, the account and the passwords carried by the login request are judged to be unmatched, and prompt information of login failure is returned to the client.
S3, if the user is matched, the login is successful, the server creates a session for the user and generates a unique session ID by adopting an encryption algorithm, the session ID is stored in session storage of the server, and the session ID is sent to the client for storage.
In step S3, session refers to a session. sessionID refers to a session ID, which is a unique identifier. The sessionID is associated with the identity of the user, such as the sessionID is associated with the account number, and stored in a session storage at the server, such as a memory, a database, etc., so that the identity of the user can be confirmed through the sessionID.
And S4, after the account login is successful, based on the account, the client sends the request and the session ID to the server together when the client sends the request to the server each time.
In step S4, after the account login is successful, on the premise that the user operates under the account, when the user operates the client to send a request to the server, the client sends the request and the session id to the server, so that the server can determine which session the request belongs to according to the session id.
S5, after receiving the request, the server inquires corresponding session information according to the session ID.
In step S5, session id is associated with the identity of the user, so that session information of the corresponding user, that is, session information, can be queried through the session id, where the session information refers to data related to a session stored at the server, and includes configuration information for storing the session, such as expiration time of the session, language preference, and the like. User data such as user name, user ID, user preference settings, etc. may also be included.
S6, the server judges whether the session is expired according to the session information.
In step S6, when the expiration time of the session is included in the session information, it may be determined whether the session is expired according to the expiration time of the session.
And S7, if the user is out of date, judging that the user is offline.
And S8, if the user is not expired, judging that the user is still online.
In steps S7 and S8, if the session expires, it is determined that the user is offline, and if not, the user is considered to be online. Online refers to the user being active, i.e., the user has active operations such as clicking, keyboard entry, etc., for a period of time. If the user has no active operation for a period of time, the system is in an offline state. For example, for a certain APP, after the user logs in to the account, if the user does not operate on the APP for a long time, the user is considered to be offline, and if the user has operated on the APP for a period of time, the user is considered to be still online.
Compared with the traditional heartbeat detection method, the embodiment of the application has the following beneficial effects:
1. the traditional heartbeat detection method needs to send heartbeat requests periodically to judge the online state of the user, which increases the load and network flow of the server. The server only needs to verify the validity of the session when receiving the request, and no additional heartbeat request is needed, so that the processing capacity of the server is improved, and the resource consumption of the system is reduced.
2. When a user initiates a request, the server searches corresponding session information according to the session ID, judges whether the session is expired, and considers that the user is offline if the session is expired; if the session has not expired, the user is considered to be still online. Compared with the traditional heartbeat detection mode, the session-based online state calculation method is more accurate, and the online state of the user can be reflected more timely.
3. The session mechanism is a lightweight state management mechanism that does not require maintenance of a large amount of online state information. The server only needs to search the corresponding session information according to the session ID, and then judges whether the session is expired. The efficient session management mode can perform efficient online state calculation under the conditions of large-scale users and high concurrency requests. Meanwhile, the session-based online state computing method can support high availability and expandability by using distributed session storage, and meets the expansion requirement of a system.
4. The session-based online state computing method can flexibly manage sessions. Different session expiration times can be set according to service requirements to meet different requirements. For example, a shorter session expiration time may be set to achieve more accurate presence determinations, or a longer session expiration time may be set to reduce the frequency of session verification. Meanwhile, the session mechanism can also support other functions, such as user authentication, rights management and the like.
5. The encryption algorithm is adopted to generate the unique sessionID, so that the randomness and unpredictability of the generated sessionID can be ensured, and the security of the sessionID is increased, thereby ensuring the security of a session mechanism and improving the accuracy and reliability of online state calculation.
In summary, the online state calculating method based on the session mechanism can provide a more accurate, efficient and extensible online state management scheme. By reducing server load and network traffic, more accurately judging the online state of a user, efficient and extensible session management and flexible session management, better user experience can be provided, and the performance and usability of the system are improved.
In one embodiment, the step of generating a unique sessionID using an encryption algorithm includes:
generating a random seed value by adopting a random number generator;
and transmitting the seed value, the account number and the time stamp as input to an encryption algorithm for hash operation, and generating a unique sessionID.
In the embodiment of the application, a unique sessionID can be generated by combining the random seed, the account number and the time stamp, and the randomness and the unpredictability of the generated sessionID can be ensured and the security of the sessionID can be increased by using the encryption algorithm, so that the security of a session mechanism is ensured, and the accuracy and the reliability of online state calculation are further improved.
In an embodiment, the session information includes an expiration time of the session, and the step of the server determining whether the session is expired according to the session information includes:
when the server receives the request, acquiring the current time and the expiration time of session;
the server compares the current time with the expiration time of the session;
if the current time is later than or equal to the expiration time of the session, judging that the session is expired;
and if the current time is earlier than the expiration time of the session, judging that the session is not expired.
In the embodiment of the present application, the server obtains the current time from the moment when the server receives the request, for example, when the server is at 10:20 receives the request, then 10:20 is the current time, and the expiration time of the session is a dynamic time, if the user initiates a new request within the session validity period, the expiration time of the session is refreshed, thereby prolonging the session validity period. After obtaining the current time and the expiration time of the session, comparing, if the current time is later than or equal to the expiration time of the session, for example, the current time is 10:20, the expiration time of session is 10:00, then determining that the session expires; if the current time is 10:20, the expiration time of session is 10:40, then it is determined that the session has not expired.
According to the session-based online state calculating method, the online state of a user is judged through the expiration time of session (session), when a user initiates a request, a server searches the expiration time of the corresponding session according to the session ID, judges whether the session is expired, and if so, considers that the user is offline; if the session has not expired, the user is considered to be still online. Compared with the traditional heartbeat detection mode, the session-based online state calculation method is more accurate, and the online state of the user can be reflected more timely.
In an embodiment, after the step of determining that the session is not expired, the method further includes:
the server acquires the validity period extension time of the session;
and the server updates the expiration time of the session by using the validity extension time of the session.
In the embodiment of the present application, the period of validity extension time of the session is preset, for example, the period of validity extension time of the session is 30 minutes. If the expiration time of session is 10:00, then after updating the expiration time of the session with the validity extension time of the session, the expiration time of the session becomes 10:30.
when the session is not expired, and the user initiates a new request, the expiration time of the session is updated by using the validity extension time of the session, so that the state of the user can be reflected more accurately.
Further, the step of obtaining the validity period extension time of the session by the server includes:
the server acquires an account number carried in the login request;
the server searches the level of the account in a database; the database is pre-stored with the levels of all accounts;
the server determines the validity period extension time of the session corresponding to the account according to the corresponding relation between the account level and the validity period extension time of the session; the higher the account number level is, the shorter the session validity period is prolonged.
In the embodiment of the application, the state of the user, namely whether the user is in an online state or an offline state, can be more accurately determined by setting the validity period extension time of different session corresponding to different account levels. Specifically, the higher the account number level is, the higher the user permission is, the more sensitive the operation can be executed, the more easily the user is noticed and attacked, and the setting of a shorter session validity period for a prolonged time can improve the safety of the user session, so that the accuracy and the reliability of the online state calculation are improved.
In one embodiment, the step of creating a session for the user and generating a unique session id using an encryption algorithm by the server further includes:
the server monitors whether the account is logged out or not or whether the client initiates a request based on the account for a long time;
if the account is detected to be logged off or the client does not initiate a request based on the account for a long time, the server destroys the session and determines that the user is offline.
In the embodiment of the application, whether the account is logged out or not or whether the client initiates the request for a long time is monitored, and when the account is logged out or the client does not initiate the request for a long time, the user is judged to be offline, so that the state of the user can be reflected more accurately.
In an embodiment, the step of destroying the session includes:
deleting the session or marking the session as destroyed.
In the embodiment of the application, deletion of the session or marking of the session as destroyed can be realized
And destroying session. And deleting session can release the resources of the server, thereby reducing the load of the server.
In an embodiment, the sessionID is transferred to the server by any one or more of HTTP request header, cookie, and URL parameters.
In the embodiment of the application, the sessionID is transmitted to the server in the mode of the HTTP request head, the sessionID is not transmitted in a plaintext in URL (uniform resource locator), is not easy to intercept by a third party, and has high safety. In addition, the sessionID is taken as a part of the request head, so that the length of the URL is not increased, and the method is relatively simple. In addition, the client can set a Cookie in the HTTP response, then send the Cookie to the server in a subsequent request, and the server can acquire the information of the client by reading the Cookie, namely the sessionID. The sessionID is transmitted through the URL, namely the sessionID is directly used as a part of the URL, additional configuration is not needed, the sessionID can be directly seen in the browser address bar, and the debugging is convenient. Note that when the user shields the Cookie at the client, the sessionID cannot be transferred, and at this time, the sessionID may be transferred by using the HTTP request header or the URL parameter.
Referring to fig. 2, an embodiment of the present invention further provides a computer device, and an internal structure of the computer device may be as shown in fig. 2. The computer device includes a processor, a memory, a network interface, and a database connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device includes a non-volatile storage medium and an internal memory. The nonvolatile storage medium stores an operating device, a computer program, and a database. The internal memory provides an environment for the operation of the operating system and computer programs in the non-volatile storage media. The database of the computer device is used for storing data of the presence state calculation method and the like. The network interface of the computer device is used for communicating with an external terminal through a network connection. Further, the above-mentioned computer apparatus may be further provided with an input device, a display screen, and the like. The computer program is executed by a processor to realize an online state calculating method, and comprises the following steps: the client sends a login request of a user to the server; wherein, the login request comprises an account number and a password; the server receives the account number and the password and judges whether the account number and the password are matched or not; if the user is matched with the client, the login is successful, the server creates a session for the user and generates a unique session ID by adopting an encryption algorithm, the session ID is stored in session storage of the server, and the session ID is sent to the client for storage; after the account number is successfully logged in, based on the account number, the client sends a request to the server each time, and the client sends the request and the sessionID to the server together;
after receiving the request, the server inquires corresponding session information according to the session ID;
the server judges whether the session is expired according to the session information; if the user is out of date, judging that the user is offline; if not, the user is determined to be still online. Those skilled in the art will appreciate that the architecture shown in fig. 2 is merely a block diagram of a portion of the architecture in connection with the present application and is not intended to limit the computer device to which the present application is applied.
An embodiment of the present application further provides a computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements a method for online state calculation, including the steps of: the client sends a login request of a user to the server; wherein, the login request comprises an account number and a password; the server receives the account number and the password and judges whether the account number and the password are matched or not;
if the user is matched with the client, the login is successful, the server creates a session for the user and generates a unique session ID by adopting an encryption algorithm, the session ID is stored in session storage of the server, and the session ID is sent to the client for storage; after the account number is successfully logged in, based on the account number, the client sends a request to the server each time, and the client sends the request and the sessionID to the server together; after receiving the request, the server inquires corresponding session information according to the session ID; the server judges whether the session is expired according to the session information; if the user is out of date, judging that the user is offline; if not, the user is determined to be still online. It is understood that the computer readable storage medium in this embodiment may be a volatile readable storage medium or a nonvolatile readable storage medium.
Those skilled in the art will appreciate that implementing all or part of the above described methods may be accomplished by way of a computer program stored on a non-transitory computer readable storage medium, which when executed, may comprise the steps of the embodiments of the methods described above. Any reference to memory, storage, database, or other medium provided herein and used in embodiments may include non-volatile and/or volatile memory. The nonvolatile memory can include Read Only Memory (ROM), programmable ROM (PROM), electrically Programmable ROM (EPROM), electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), dual speed data rate SDRAM (SSRSDRAM), enhanced SDRAM (ESDRAM), synchronous Link DRAM (SLDRAM), memory bus direct RAM (RDRAM), direct memory bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM), among others.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, apparatus, article, or method that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, apparatus, article, or method. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, apparatus, article or method that comprises the element.
The foregoing description is only of the preferred embodiments of the present invention and is not intended to limit the scope of the invention, and all equivalent structures or equivalent processes using the descriptions and drawings of the present invention or directly or indirectly applied to other related technical fields are included in the scope of the invention.
Claims (6)
1. A method of online status calculation, the method comprising:
the client sends a login request of a user to the server; wherein, the login request comprises an account number and a password;
the server receives the account number and the password and judges whether the account number and the password are matched or not;
if the user is matched with the client, the login is successful, the server creates a session for the user and generates a unique session ID by adopting an encryption algorithm, the session ID is stored in session storage of the server, and the session ID is sent to the client for storage;
after the account number is successfully logged in, based on the account number, the client sends a request to the server each time, and the client sends the request and the sessionID to the server together;
after receiving the request, the server inquires corresponding session information according to the session ID;
the server judges whether the session is expired according to the session information;
if the user is out of date, judging that the user is offline;
if not, judging that the user is still online;
the step of generating a unique sessionID by using an encryption algorithm comprises the following steps:
generating a random seed value by adopting a random number generator;
transmitting the seed value, the account number and the time stamp as input to an encryption algorithm for hash operation to generate a unique sessionID;
the session information comprises the expiration time of the session, and the step of judging whether the session is expired or not by the server according to the session information comprises the following steps:
when the server receives the request, acquiring the current time and the expiration time of session;
the server compares the current time with the expiration time of the session;
if the current time is later than or equal to the expiration time of the session, judging that the session is expired;
if the current time is earlier than the expiration time of the session, judging that the session is not expired; the server acquires the validity period extension time of the session; the server updates the expiration time of the session by using the validity extension time of the session;
the step of obtaining the validity period extension time of the session by the server comprises the following steps:
the server acquires an account number carried in the login request;
the server searches the level of the account in a database; the database is pre-stored with the levels of all accounts;
the server determines the validity period extension time of the session corresponding to the account according to the corresponding relation between the account level and the validity period extension time of the session; the higher the account number level is, the shorter the session validity period is prolonged.
2. The online status calculating method of claim 1, wherein the server further comprises, after the step of creating a session for the user and generating a unique session id using an encryption algorithm:
the server monitors whether the account is logged out or not or whether the client initiates a request based on the account for a long time;
if the account is detected to be logged off or the client does not initiate a request based on the account for a long time, the server destroys the session and determines that the user is offline.
3. The online status calculation method of claim 2, wherein the destroying the session comprises:
deleting the session or marking the session as destroyed.
4. The online status calculation method of claim 1, wherein the sessionID is delivered to the server by any one or more of HTTP request header, cookie, and URL parameters.
5. A computer device comprising a memory and a processor, the memory having stored therein a computer program, characterized in that the processor, when executing the computer program, implements the steps of the presence calculation method according to any of claims 1 to 4.
6. A computer readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processor, implements the steps of the presence calculation method according to any of claims 1 to 4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311410204.8A CN117155993B (en) | 2023-10-27 | 2023-10-27 | Online state computing method, equipment and medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311410204.8A CN117155993B (en) | 2023-10-27 | 2023-10-27 | Online state computing method, equipment and medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN117155993A CN117155993A (en) | 2023-12-01 |
| CN117155993B true CN117155993B (en) | 2024-01-26 |
Family
ID=88910398
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311410204.8A Active CN117155993B (en) | 2023-10-27 | 2023-10-27 | Online state computing method, equipment and medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117155993B (en) |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103475630A (en) * | 2012-06-08 | 2013-12-25 | 深圳中兴网信科技有限公司 | Session preservation method and apparatus thereof |
| CN106534158A (en) * | 2016-11-29 | 2017-03-22 | 努比亚技术有限公司 | Account login control device and method |
| CN108306928A (en) * | 2017-12-22 | 2018-07-20 | 努比亚技术有限公司 | Session management methods, web server and computer readable storage medium |
| CN108632234A (en) * | 2017-08-28 | 2018-10-09 | 北京视联动力国际信息技术有限公司 | A kind of user login method and device |
| CN110298162A (en) * | 2019-05-22 | 2019-10-01 | 深圳壹账通智能科技有限公司 | Application client login method, device, computer equipment and storage medium |
| CN112861092A (en) * | 2021-03-10 | 2021-05-28 | 上海昊沧系统控制技术有限责任公司 | Method and system for realizing single-terminal login limitation based on JWT authentication application |
| CN112968963A (en) * | 2021-02-23 | 2021-06-15 | 上海昊沧系统控制技术有限责任公司 | WebSocket-based method for user forced real-time offline |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR102035312B1 (en) * | 2016-04-25 | 2019-11-08 | (주)이스톰 | User centric authentication mehtod and system |
-
2023
- 2023-10-27 CN CN202311410204.8A patent/CN117155993B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103475630A (en) * | 2012-06-08 | 2013-12-25 | 深圳中兴网信科技有限公司 | Session preservation method and apparatus thereof |
| CN106534158A (en) * | 2016-11-29 | 2017-03-22 | 努比亚技术有限公司 | Account login control device and method |
| CN108632234A (en) * | 2017-08-28 | 2018-10-09 | 北京视联动力国际信息技术有限公司 | A kind of user login method and device |
| CN108306928A (en) * | 2017-12-22 | 2018-07-20 | 努比亚技术有限公司 | Session management methods, web server and computer readable storage medium |
| CN110298162A (en) * | 2019-05-22 | 2019-10-01 | 深圳壹账通智能科技有限公司 | Application client login method, device, computer equipment and storage medium |
| CN112968963A (en) * | 2021-02-23 | 2021-06-15 | 上海昊沧系统控制技术有限责任公司 | WebSocket-based method for user forced real-time offline |
| CN112861092A (en) * | 2021-03-10 | 2021-05-28 | 上海昊沧系统控制技术有限责任公司 | Method and system for realizing single-terminal login limitation based on JWT authentication application |
Also Published As
| Publication number | Publication date |
|---|---|
| CN117155993A (en) | 2023-12-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8438382B2 (en) | Credential management system and method | |
| CN103023918B (en) | The mthods, systems and devices logged in are provided for multiple network services are unified | |
| CN110213223B (en) | Service management method, device, system, computer equipment and storage medium | |
| US6769068B1 (en) | Dynamic credential refresh in a distributed system | |
| US8667294B2 (en) | Apparatus and method for preventing falsification of client screen | |
| US7251827B1 (en) | In-line sign in | |
| US20180077166A1 (en) | Method of and system for generating user profiles | |
| US20050015601A1 (en) | Methods, systems, and media to authenticate a user | |
| US20100077467A1 (en) | Authentication service for seamless application operation | |
| CN111241555B (en) | Access method and device for simulating user login, computer equipment and storage medium | |
| US20090007250A1 (en) | Client authentication distributor | |
| CN108365958B (en) | Account login verification method and device, computer equipment and storage medium | |
| CN110781482A (en) | Login method, login device, computer equipment and storage medium | |
| WO2009135754A1 (en) | System, method and program product for consolidated authentication | |
| CN106452774B (en) | Method and device for controlling access authority based on single sign-on protocol | |
| CN112491890A (en) | Access method and device | |
| CN111294337B (en) | Authentication method and device based on token | |
| CN112165448A (en) | Service processing method, device, system, computer equipment and storage medium | |
| CN113626840A (en) | Interface authentication method and device, computer equipment and storage medium | |
| CN112118238A (en) | Method, device, system, equipment and storage medium for authentication login | |
| CN112187899A (en) | Cloud hosting communication method, device and system, computer equipment and storage medium | |
| CN112929388B (en) | Network identity cross-device application rapid authentication method and system, and user agent device | |
| US11075922B2 (en) | Decentralized method of tracking user login status | |
| CN117155993B (en) | Online state computing method, equipment and medium | |
| CN112560006A (en) | Single sign-on method and system under multi-application system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |